Amstelveen, July 18, 2022 – Cybercrime is being boosted by “plug and play” malware kits that make it easier than ever to carry out attacks. In addition, cyber syndicates are teaming up with amateur attackers to target companies. The HP Wolf Security Threat Team partnered with Forensic Pathways on a three-month dark web survey, examining and analyzing more than 35 million cybercrime marketplaces and forum posts to understand how cybercriminals work.
Malware is cheap and easily accessible
More than three-quarters (76%) of the listed malware offerings and 91% of exploits (code that allows attackers to take control of systems by taking advantage of software errors) are sold for less than $10. The average price for forged Remote Desktop Protocol data is only $5 USD. The products are sold in bundles with plug-and-play malware kits, malware-as-a-service, instructions and mentoring services. This reduces the technical skills and experience required to perform complex and targeted attacks. Only 2 to 3% of cybercrime players today are advanced coders.
The irony of ‘Honor among cyber thieves’
Ironically, trust and reputation are essential parts of cybercrime trading, just as in legitimate online retailing: 77% of the cybercrime marketplaces analyzed require a vendor guarantee – a license to sell – that can cost up to $3,000. 85% of them use escrow payments and 92% have a third-party dispute resolution service. Each marketplace provides feedback scores for sellers. Cybercriminals also try to stay one step ahead of law enforcement by transferring their reputation between sites – the average lifespan of a dark web Tor site is only 55 days.
Vulnerabilities in popular software
Cybercriminals target known bugs and vulnerabilities in popular software to gain control of systems. Examples include Microsoft Office, web content management systems, and web and email servers. Kits that exploit vulnerabilities in niche systems are the most expensive (usually between $1,000 and $4,000 USD). Zero-days (vulnerabilities not yet commonly known) are sold on the dark web for tens of thousands of dollars.
“Unfortunately, being a cybercriminal has never been easier. Complex attacks used to require serious skills, knowledge and resources. Now the technology and training are available at the price of a liter of petrol. Whether it’s revealing company or customer data, delayed deliveries or canceling a hospital contract, the blast of cybercrime is affecting us all,” said Alex Holland, Senior Malware Analyst at HP Inc.
To help companies protect themselves against current and future threats, the report offers the following advice:
• Master the basics, such as multi-factor authentication and patch management, to reduce cybercriminals' chances, and prioritize self-healing hardware to increase resilience.
• Prepare for the worst: reduce the risk to your employees and partners by establishing processes to review supplier security and educate staff on social engineering. Practice responding to attacks to identify problems, make improvements, and be better prepared.
• Cybercrime is a team sport, and cyber security should be too: talk to colleagues to share threat intelligence, and be proactive by following open discussions in underground forums. Work with third-party security services to identify vulnerabilities and critical risks.
“We all need to do more to fight the growing cybercrime machine,” said Dr. Ian Pratt, Global Head of Security for Personal Systems at HP Inc. “For individuals, it means they become cyber-conscious, as most attacks start with a click of the mouse. But giving yourself a safety net by buying technology that can mitigate and repair the effects of a wrong mouse click is even better.”
The Evolution of Cybercrime – How the Dark Web Exaggerated the Cybercrime Economy is an HP Wolf Security report based on the results of:
1. An independent study conducted by Forensic Pathways on behalf of HP Wolf Security. The company collected dark web marketplace listings using its automated crawlers, which monitor content on the Tor network. Its Dark Search Engine tool has an index of >35 million scraped URLs. The data collected were examined and validated by Forensic Pathways analysts. This report analyzed approximately 33,000 active sites on the dark web, including 5,502 forums and 6,529 marketplaces. Between February and April 2022, Forensic Pathways identified 17 recently active cybercriminal marketplaces across the Tor network and 16 hacking forums across the Tor network and the network containing relevant records that make up the dataset.
2. The report also includes threat telemetry from HP Wolf Security and investigation of the leaked communications from the Conti ransomware group.
3. Interviews and contributions from a panel of cybersecurity experts, including:
• Alex Holland, Report Writer, Senior Malware Analyst at HP Inc.
• Joanna Burkey, Chief Information Security Officer at HP Inc.
• Ian Pratt, Global Head of Security for Personal Systems at HP Inc.
• Boris Balacheff, Chief Technologist for Security Research and Innovation at HP Labs, HP Inc.
• Patrick Schlapfer, Malware Analyst at HP Inc.
• Michael Calce, former black hat “MafiaBoy”, member of the HP Security Advisory Board, CEO of decentraweb and president of Optimal Secure.
• Mike McGuire, Associate Professor of Criminology at the University of Surrey, UK and a cybersecurity expert
• Robert Masse, HP Security Advisory Board member and partner at Deloitte.
• Justine Bone, HP Security Advisory Board member and CEO of Medsec.
HP Inc. is a technology company that believes that one well-thought-out idea has the power to change the world. HP’s product and service portfolio of personal computer systems, printers, and 3D printing solutions helps bring these ideas to life. Visit http://www.hp.nl for more information.
About HP Wolf Security
HP Wolf Security, the maker of the world’s most secure PCs and printers, is a new type of endpoint security. HP’s portfolio of hardware-enabled security and endpoint-focused security services is designed to help organizations protect PCs, printers, and people from cybercriminals. HP Wolf Security delivers comprehensive endpoint protection and robustness that starts at the hardware level and extends across software and services.
This article is a submitted message and is not the responsibility of the editors.